Acunetix integrates with 3rd party applications, making it easier to track and protect against identified vulnerabilities. Acunetix scan results can be used by the following Issue Trackers and WAFs, and Acunetix can also be used as part of a Continuous Integration environment.
An Issue Tracker is a powerful and essential tool in the Software Development Life Cycle (SDLC) of almost any software project. It helps development teams streamline collaboration and manage their work without getting lost in an endless stream of emails and PDF reports.
Acunetix can send vulnerabilities as issues to the following Issue Trackers:
- Azure DevOps (Microsoft TFS)
Web Application Firewalls (WAFs)
Acunetix integrates with popular WAFs to automatically create appropriate Web Application Firewall rules to protect web applications against attacks targeting vulnerabilities that the scanner finds. This allows you to temporarily prevent the exploitation of high-severity vulnerabilities until you are able to fix them.
Acunetix can export scan data to the following Web Application Firewalls (WAFs):
- Imperva SecureSphere
- F5 BIG-IP Application Security Manager
- FortiWeb WAF
- Citrix WAF
See also: How to integrate with WAFs
Continuous Integration (CI)
Acunetix offers a plugin for Jenkins, a popular open source Continuous Integration (CI) and automation platform. Using this plugin development and operations teams to identify and track web application vulnerabilities early on in the Software Development Life Cycle (SDLC), and crucially, before they make it into production. The Acunetix Jenkins plugin integrates seamlessly with the Jenkins build process and triggers automatic Acunetix scans as part of the web application build process inside of the Jenkins CI platform.
The Acunetix Jenkins plugin enables you to:
- Trigger Acunetix scans from within Jenkins upon each build
- Trigger Acunetix scans with built-in or custom scan types to only scan for specific vulnerabilities
- Configure Jenkins to fail a build (and optionally abort the scan) as soon as a specific threat-level (high, medium or low severity) is reached
- Automatically generate reports saved within Jenkins
See also: Configuring Acunetix Jenkins Plugin
Frequently asked questions
Acunetix has out-of-the-box integrations with several issue trackers: Jira, Microsoft TFS (Azure DevOps), GitHub, GitLab, Bugzilla, and Mantis. Acunetix 360 has even more integrations. Integrating Acunetix with issue trackers is very simple and straightforward – you just need to establish a connection and then can export vulnerabilities directly to the issue tracker. Our support pages and blog have articles that describe the process.
Acunetix Premium has out-of-the box integration with Jenkins. Acunetix 360 has several other CI/CD integrations. Integrating Acunetix with a CI/CD tool is very easy, all you need to do is establish a connection and then you can run Acunetix scans directly from CI/CD pipelines.
See a step-by-step guide to integrating Acunetix with Jenkins.
Acunetix can import data from many different sources: UX tools, proxies, and security analysis tools. An Acunetix crawl can be pre-seeded using output from Selenium IDE, Telerik Fiddler, Burp, Paros, and Postman. You can also use the following files to import data into Acunetix: HTTP Archives, Swagger, WSDL, WADL, ASP.NET Web Forms, and text files with lists of URLs.
Acunetix exposes all its functionality via a REST API. You can use any environment that you like to make REST API calls to Acunetix and get the results. This lets you integrate Acunetix with any environment that supports REST. In other cases, the Acunetix support team can help you figure out the best way to achieve integration.
See an example of how to integrate a custom application with Acunetix using the API.
Learn more about prominent vulnerabilities, keep up with recent product updates, and catch the latest news from Acunetix.
“We use Acunetix as part of our Security in the SDLC and to test code in DEV and SIT before being promoted to Production.”Kurt Zanzi, Xerox CA-MMIS Information Securtiy Office, Xerox